Glossary Digital Identity

Digital Identity

What is a digital identity?

It is a relatively new concept. The rapid pace of digitisation has brought many aspects of our lives online. It's not just about online shopping. Nowadays, we use digital services to manage our finances and take out insurance from home.
In all these areas, we create our own digital identity, often without realising it. So, what does the term 'digital identity' mean, and why is it so important to verify it?

Definition: What is a digital identity?

A digital identity is used to verify someone's identity in the physical world. This makes it possible to verify the identity of the person you are dealing with.
A digital identity encompasses all the information about a person that is available in digital form. This information can be used to verify a person's identity when brought together.

What are examples of digital identities?

Anyone with login data has a digital identity. This identity can take many forms:

Digital identities on social media (e.g. a Facebook identity).
Online store identities
Bank identities

All of these represent a person's digital presence in the online world. Service providers have varying degrees of knowledge about the real person behind each digital identity.

What role do digital identities play for companies?

For those involved in e-commerce, it is important to have basic customer information. The extent of this information depends on the company's regulations and risks.
This is where the 'know your customer' principle comes in. KYC requires companies to identify and verify their customers' identities to prevent money laundering and other financial crimes.
Digital identities and identity verification are particularly important in the following industries:

Insurance: Digital identities verify customers' identities and secure access to policies. They also reduce the risk of fraud and automate processes such as claims reporting.
Gambling: Operators use digital identities to verify players' identities and carry out age verification. This prevents fraud and protects against identity theft.
Banking: Banks use digital identities to meet KYC and anti-money laundering requirements. They also speed up account openings and loan applications.
E-commerce: Merchants use digital identities to securely authenticate customers. This protects payment data and strengthens customer confidence. Often, it is sufficient to verify the accuracy of payment data and delivery address, or in some cases, age.

Companies should ensure that the registration process, regular authentication and all transactions can be carried out smoothly using a digital identity.
After all, first impressions are important for building and maintaining customer relationships. A digital identity creates a simplified, customer-oriented process that saves time and money.

Categories of digital identities

Digital identities can take various forms and are basically divided into 3 categories:

Isolated digital identity (silo identity): These are separate identities created for each service provider. Each online service requires its own account with unique login details, which can result in a significant number of usernames and passwords.
Digital identity via single sign-on (SSO): This solution enables users to access various services using a central digital identity (e.g. Google or Facebook) without needing to remember multiple passwords.
State digital identity: This highly trustworthy form of digital identity is issued by the state. It meets high security standards and can be used for a variety of online transactions and interactions. Examples include the German online ID card and ID Austria.

What is a verified digital identity?

It is proof of identity issued by a trust service provider, which requires physical verification by presenting an identity document, such as a passport, and meets the high eIDAS or ZertES requirements.
A digital identity, on the other hand, is a general term for all digital information available about a person.
Digital identities can consist of information that customers provide themselves, which has not been verified by a third party. An example of this is a Facebook account. Alternatively, a verification process can be carried out to create a verified digital identity.
Currently, one challenge is that each platform can use a different identification procedure. Therefore, efforts are being made at both the national and EU levels to establish a standardised model.

How does digital identification work?

With digital identification, a person proves their identity electronically in order to access online services or carry out transactions. This method replaces personal on-site verification and is faster yet equally secure.

Start of digital identification: The user begins the identification process on the service provider's platform.
Capture of ID data: Images of the ID document are captured using a smartphone camera.
Biometric verification: The user takes a short selfie to confirm their identity. Modern liveness detection is used here.
Verification: The captured data is checked to verify the authenticity of the ID document and the user's identity.
Completion of the process: After successful verification, the user is granted access to the desired service.

With PXL Ident, for example, automated identity verification is completed in less than 30 seconds. This ensures high user-friendliness and conversion rates.

European digital identity from the European Commission

In June 2021, the European Commission presented its plans for a European digital identity (EUiD) for EU and European citizens. This should enable people to carry out administrative procedures in other countries without any difficulties.
This includes renting an apartment, enrolling at a university, and opening a bank account, for example. The project will prioritise both user-friendliness and security.

According to the European Digital Identity Regulation, at least 80% of citizens should have a digital identity by 2030, which they can use to access key public services. The aim is to establish a secure and reliable European eID framework.
This new regulation is based on the EU Regulation on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation). Originally introduced in 2014, it was amended in May 2024.

Did you know?
According to the PwC study Digital ID Cards and Digital Wallets 2023, 50% of German citizens would use the online ID function. Self-determination regarding the use of data is the most important criterion for 93% of respondents.

Will a digital identity become mandatory?

While the use of a digital identity will not be compulsory, it will be offered to citizens. However, by 2027, all EU member states must provide their citizens with a digital wallet that facilitates the use of a digital identity.
This will enable citizens to identify themselves both online and offline throughout Europe, and to access all online services, at public authorities and companies.

What is a government eID?

A state eID (electronic identity) is a digital solution for proving the real identity of persons or organizations.

It replaces conventional ID cards, such as passports and ID cards, and offers greater convenience and security.
The eID provides the same level of trust as physical documents.
Citizens retain control over their identity data and can choose what information to release.
It can be conveniently used via a smartphone without disclosing unnecessary data.
With the eID, customers can log in to various online services without having to manage multiple usernames and passwords.
It serves as a standardised login option for the public and private sectors.

However, as the state eID is not yet widespread, companies can use other solutions to verify their customers' identities. One such solution is automated digital identity verification. This method offers several advantages: It is user-friendly, efficient and secure.

State eID in Switzerland

A state eID is expected to be introduced in Switzerland at the beginning of 2026. Following the rejection of the Federal Act on Electronic Identification Services (BGEID) on 7 March 2021, Switzerland is developing a new concept for a state eID.

What is the eIDAS Regulation?

The eIDAS Regulation stands for “Electronic Identification, Authentication and Trust Services”. It is an EU regulation that creates a legal framework for digital identity in the European Union.

The aim is to enable the cross-border use and interoperability of national eID systems.
Citizens will also be able to use their national eID in other EU countries.
Digital identities are classified according to their level of trust.
Only eIDs with a high level of trust are permitted for particularly security-relevant services.

According to the eIDAS Regulation, providers of official digital identities — known as Trust Service Providers (TSPs) — are vetted and may be classified as Qualified Trust Service Providers (QTSPs). This classification is based on their trustworthiness and the level of security they offer.

Trust levels under the eIDAS Regulation:

The eIDAS Regulation defines three trust levels for digital identities:

Low: At the lowest trust level, trust in the digital identity is limited. There is evidence of the user's identity, such as knowledge of login data, but this is susceptible to forgery.
Substantial: Substantial trust requires stricter identity verification procedures where official identification documents must be presented.
High: There is a clear and secure link between the person and their digital identity. Digital identities at this level are provided by trusted providers. Examples of this are HealthID and BankID.

For an electronic means of identification to be recognised as substantial or high, the respective Member State must have notified it at the corresponding trust level as part of a defined notification procedure.

Amendment to the eIDAS Regulation: EUDI wallets

The revised eIDAS Regulation, eIDAS 2.0, came into force on 20 May 2024. This amendment focuses on the introduction of European Digital Identity Wallets (EUDI Wallets).
These wallets allow citizens and organisations to securely and uniformly identify themselves throughout the EU, both online and offline, and to use various authentication services.
Functions of EUDI wallets:

Storage and management of the European Digital Identity (EUDI).
Digital storage of important documents, such as registration certificates, driving licences, travel documents and education and health certificates.
The possibility of using qualified electronic signatures (QES).

By 2027, every EU member state should provide its citizens with a free EUDI wallet for voluntary use.

What are the dangers of a digital identity?

As with all sensitive data, digital identities are also at risk of theft or manipulation. The greatest dangers include:

Identity theft: Having access to passwords or PINs can allow someone to impersonate another person or organisation.
Multiple use of passwords: Many people use the same password for different platforms. This makes it easier for hackers to access multiple accounts simultaneously.
Password reset vulnerabilities: Often, a link to the linked email address is enough to reset a password. If cybercriminals gain access to the email account, they can take over other accounts.
Increased vulnerability to cyberattacks: Without secure identity verification, the risk of identity theft and cybercrime increases. Digital forensics are also often more challenging than physical forensics.
Data protection: Digital identities often record behavioural data such as search history, location, and activity times. This data can be processed further or sold.
Risks with SSO procedures: Single sign-on (SSO) makes users dependent on one provider. If the main account is deleted or blocked, all linked access is lost.

Checklist: How can you protect yourself from the dangers associated with digital identities?

There are various ways to do this. In particular, companies should introduce appropriate data protection measures.

Data protection measures for companies

Protect employee and customer data.
Ensure a data protection-compliant online presence.
Consider cyber insurance.

Use two-factor authentication (2FA)

Secure password or PIN with additional identification
Options: SMS code, Token, Biometric features

Perform an identity check

Ensure that only authorised persons have access.
Meet KYC requirements.

Use the auto-ident procedure

Verify ID cards by scanning them.
Compare biometric data with a selfie video

The auto-ident process involves scanning a user's ID and comparing their biometric data with a selfie video. This reliable verification process enables companies to verify their customers' identities, providing maximum security for digital identities.

What is digital identity management?

Digital identity management, also known as identity management (IdM) or identity and access management (IAM), ensures that authorised employees have access to the necessary technological resources while restricting access to authorised individuals.
It comprises the guidelines and technologies that regulate the company-wide process of identifying, authenticating, and authorising employees, groups of people, and software applications, including user rights and identity-based restrictions.
An identity management system prevents unauthorised access to systems and resources, protects against data exfiltration, and alerts users to access attempts by unauthorised individuals or programmes, both inside and outside the company.

Digital identity with PXL Vision

As digitalisation progresses, digital identity and the state eID are becoming increasingly important. While they offer convenience and efficiency, they also pose challenges. For example, they are susceptible to theft and misuse.
Therefore, the development and implementation of robust identity management solutions is crucial to ensure data protection and security. At the same time, these technologies must be accessible and user-friendly. An intuitive identity verification solution can help with this. We would be happy to advise you, so contact us now.

FAQ about Digital Identity

How does digital identity verification work?

Digital identity verification allows users to prove their identity online. This works through biometrics and the verification of ID documents, for example.

How can blockchain improve digital identity?

Blockchain technology enables decentralized and secure management of identity data, which reduces the risk of data misuse and identity theft.

What are the data protection implications of digital online identities?

Digital identity raises important privacy issues as personal data is shared online. Compliance with data protection guidelines is therefore essential to protect the privacy of users.

Do you need support with the digital identity?

Talk to our experts

Discover our product portfolio